Chapter 6 Configuration Basics

objects whenever the interface’s IP address settings change. For example, if you change an Ethernet interface’s IP address, the ZyWALL automatically updates the rules or settings that use the interface-based, LAN subnet address object.

You can use the Configuration > Objects screens to create objects before you configure features that use them. If you are in a screen that uses objects, you can also usually select Create new Object to be able to configure a new object. For a list of common objects, see Section 6.6 on page 114.

Use the Object Reference screen (Section 3.3.3.3 on page 61) to see what objects are configured and which configuration settings reference specific objects.

6.2 Zones, Interfaces, and Physical Ports

Zones (groups of interfaces and VPN tunnels) simplify security settings. Here is an overview of zones, interfaces, and physical ports in the ZyWALL.

Figure 62 Zones, Interfaces, and Physical Ethernet Ports

Zones

LAN WAN DMZ

Interfaces

ge1

ge2 ge3

ge4

ge5

ge6

ge7

ge8

Physical Ports

P1

P2

P3

P4

P5

P6

P7

P8

 

 

 

 

 

 

 

 

Table 12 Zones, Interfaces, and Physical Ethernet Ports

Zones

A zone is a group of interfaces and VPN tunnels. Use zones to apply

(WAN, LAN, DMZ)

security settings such as firewall, IDP, remote management, anti-

virus, and application patrol.

 

 

Interfaces

Interfaces are logical entities that (layer-3) packets pass through.

(Ethernet,

Use interfaces in configuring VPN, zones, trunks, device HA, DDNS,

policy routes, static routes, HTTP redirect, and NAT.

VLAN,...)

Port groups combine physical ports into interfaces.

 

 

 

Physical

The physical port is where you connect a cable. In configuration, you

Ethernet Ports

use physical ports when configuring port groups. You use interfaces

(P1, P2, ...)

and zones in configuring other features.

 

 

 

96

 

ZyWALL USG 2000 User’s Guide